Automating AWS S3 Bucket Setup with Bash and PowerShell

Managing AWS S3 buckets manually is fine—until it isn't. If you've ever found yourself clicking around the AWS Console or typing out endless CLI commands just to set up a simple S3 bucket, then this automation script is for you. With Bash and PowerShell, we’ll make the process seamless, efficient, and (most importantly) repeatable.

---

🚀 What This Script Does

1. Checks for AWS CLI: If AWS CLI isn’t installed, it installs it and configures credentials.
2. Creates an S3 Bucket: Takes user input for bucket name and sets it up in a secure manner.
3. Secures the Bucket: Ensures no public access is allowed.
4. Uploads a File: Lets the user upload a file from their local machine.
5. Generates a Pre-signed URL: Creates a time-limited download link for the uploaded file.

---

🏗️ The Bash Script (Linux/macOS)

#!/bin/bash

# Function to check if AWS CLI is installed and install it if necessary
check_aws_cli() {
    # Check if the 'aws' command is available in the system
    if ! command -v aws &> /dev/null; then
        echo "AWS CLI not found. Installing AWS CLI..."

        # Download the AWS CLI installation package
        curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

        # Unzip the downloaded file
        unzip awscliv2.zip

        # Install AWS CLI using sudo privileges
        sudo ./aws/install

        # Clean up by removing unnecessary installation files
        rm -rf aws awscliv2.zip

        echo "AWS CLI installed successfully."
    else
        echo "AWS CLI is already installed."
    fi
}

# Function to configure AWS CLI with user-provided credentials
configure_aws() {
    echo "Configuring AWS CLI..."
    # Run the interactive AWS CLI configuration command
    aws configure
}

# Function to create an S3 bucket securely
create_s3_bucket() {
    local bucket_name=$1  # First argument: Name of the S3 bucket
    local region=$2       # Second argument: AWS region

    echo "Creating S3 bucket: $bucket_name in region: $region..."
    # Create an S3 bucket using AWS CLI
    aws s3api create-bucket --bucket "$bucket_name" --region "$region"

    # Check if the bucket creation was successful
    if [ $? -eq 0 ]; then
        echo "Bucket created successfully: $bucket_name"
    else
        echo "Failed to create bucket."
        exit 1  # Exit script if bucket creation fails
    fi

    # Apply security settings to block public access to the bucket
    aws s3api put-public-access-block --bucket "$bucket_name" \
        --public-access-block-configuration BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true

    echo "Bucket secured: Public access blocked."
}

# Function to upload a file to an S3 bucket
upload_file() {
    local file_path=$1    # First argument: Path to the file to be uploaded
    local bucket_name=$2  # Second argument: S3 bucket name

    echo "Uploading file: $file_path to S3 bucket: $bucket_name..."
    # Use AWS CLI to copy the file to the specified S3 bucket
    aws s3 cp "$file_path" "s3://$bucket_name/"

    # Check if the upload was successful
    if [ $? -eq 0 ]; then
        echo "File uploaded successfully."
    else
        echo "File upload failed."
        exit 1  # Exit script if upload fails
    fi
}

# Function to generate a pre-signed URL for an S3 object (file)
generate_presigned_url() {
    local bucket_name=$1  # First argument: S3 bucket name
    local file_name=$2    # Second argument: Name of the file in the bucket
    local expiry=$3       # Third argument: Expiry time in seconds for the URL

    echo "Generating pre-signed URL..."
    # Generate a pre-signed URL that allows temporary access to the file
    presigned_url=$(aws s3 presign "s3://$bucket_name/$file_name" --expires-in "$expiry")

    echo "Pre-signed URL (valid for $expiry seconds):"
    echo "$presigned_url"
}

# Main script execution begins here

# Step 1: Ensure AWS CLI is installed
check_aws_cli

# Step 2: Configure AWS CLI with user credentials
configure_aws

# Step 3: Prompt the user for S3 bucket details
read -p "Enter S3 bucket name: " bucket_name  # Get bucket name from user
read -p "Enter AWS region (e.g., us-east-1): " region  # Get AWS region from user

# Step 4: Create the S3 bucket securely
create_s3_bucket "$bucket_name" "$region"

# Step 5: Prompt the user for the file to upload
read -p "Enter file path to upload: " file_path  # Get file path from user

# Step 6: Upload the specified file to the created S3 bucket
upload_file "$file_path" "$bucket_name"

# Step 7: Extract file name from file path
file_name=$(basename "$file_path")

# Step 8: Generate a pre-signed URL valid for 1 hour (3600 seconds)
generate_presigned_url "$bucket_name" "$file_name" 3600

🛠️ Breakdown

1. Checking for AWS CLI: If it's missing, the script downloads and installs it.
2. Configuring AWS CLI: It prompts the user to enter AWS credentials.
3. Bucket Creation: Ensures a unique bucket is created.
4. Security Setup: Disables public access to prevent unwanted exposure.
5. Uploading Files: User can specify a file to upload.
6. Generating Pre-signed URL: Provides a temporary download link for file sharing.

---

📚 How to Save and Run the Script

Saving the Script

1. Open a terminal and navigate to your desired directory.
2. Create a new script file:

   nano s3_script.sh

1. Copy and paste the script content into the file.
2. Save and exit (Press CTRL + X, then Y, and hit Enter).

Running the Script

1. Grant execute permission:

   chmod +x s3_script.sh

1. Run the script:

   ./s3_script.sh

1. Follow the on-screen prompts to configure AWS CLI, create a bucket, upload a file, and generate a pre-signed URL.

🖥️ The PowerShell Script (Windows)

# Check if AWS CLI is installed
if (-not (Get-Command aws -ErrorAction SilentlyContinue)) {
    Write-Output "AWS CLI not found! Installing..."
    Invoke-WebRequest -Uri "https://awscli.amazonaws.com/AWSCLIV2.msi" -OutFile "AWSCLIV2.msi"
    Start-Process msiexec.exe -ArgumentList "/i AWSCLIV2.msi /quiet" -Wait
    Remove-Item "AWSCLIV2.msi"
}

Write-Output "Configuring AWS CLI..."
Start-Process aws -ArgumentList "configure" -NoNewWindow -Wait

# Get user input for bucket name
$BucketName = Read-Host "Enter a unique S3 bucket name"

# Create S3 Bucket
aws s3api create-bucket --bucket $BucketName --region us-east-1

Write-Output "Blocking public access..."
aws s3api put-public-access-block --bucket $BucketName --public-access-block-configuration BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true

# Upload a file
$FilePath = Read-Host "Enter the file path to upload"
aws s3 cp "$FilePath" s3://$BucketName/

# Generate pre-signed URL
$FileName = Split-Path $FilePath -Leaf
$PresignedUrl = aws s3 presign "s3://$BucketName/$FileName" --expires-in 3600

Write-Output "Your pre-signed URL: $PresignedUrl"

🔍 Breakdown

• Checks and installs AWS CLI if missing.
• Configures AWS credentials.
• Creates a bucket and secures it.
• Uploads a user-specified file.
• Generates a pre-signed URL for sharing.

---

📚 How to Save and Run the Script

Saving the Script

1. Open a terminal and navigate to your desired directory.
2. Create a new script file: s3_script.ps1
3. Copy and paste the script content into the file.
4. Save and exit (Press CTRL + X, then Y, and hit Enter).

Running the Script

1. Grant execute permission: Allow script execution (if restricted): Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
2. Run the script: .\s3_script.ps1
3. Follow the on-screen prompts to configure AWS CLI, create a bucket, upload a file, and generate a pre-signed URL.

---

🏆 Final Thoughts

With these scripts, setting up an S3 bucket, securing it, and sharing files is now effortless. Whether you're on Windows or Linux/macOS, you’re covered. No more manual work—just automation magic! ✨

🚀 Happy Automating!